develooper Front page | perl.perl5.porters | Postings from October 2012

Re: Security Issues in perl-5.16.x

Thread Previous | Thread Next
From:
John Imrie
Date:
October 3, 2012 11:13
Subject:
Re: Security Issues in perl-5.16.x
Message ID:
506C802A.8090504@virginmedia.com
On 03/10/2012 11:16, Leon Timmermans wrote:
> On Wed, Oct 3, 2012 at 1:32 AM, Jesse Luehrs <doy@tozt.net> wrote:
>> The point that Chip is making is: how would you propose stopping package
>> names from containing nulls? Packages are just hashes internally.
>> Should all packages get set uvar magic that dies if the key contains a
>> null or something like that? That seems pretty ugly.
> Agreed. I'm not seeing any inherent reason why package names shouldn't
> be allowed to contain binary data.
>
I have a compelling reason why we should allow 'binary' data.

How would this end up in the Stash.

require 人;

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About